Introduction
In December 2023, Google and Yahoo communicated a change in their guidelines for sending communications to “gmail.com” and “yahoo.com” emails with the aim of improving the overall security and reliability of email services. While this is a positive development for email users, it could also lead to some issues for SaaS providers (such as Docebo) sending emails to final users.
This change will become effective starting February 2024 and will impact all Docebo’s customers with learners with a “gmail.com” and “yahoo.com” emails using notifications and newsletters.
A comprehensive list of the requirements is available both for Google and Yahoo:
- Google email sender guidelines (opens in a new tab)
- Yahoo email sender guidelines (opens in a new tab)
Google and Yahoo requirements
- Set up SPF or DKIM email authentication for your domain.
- Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records.
- Use a TLS connection for transmitting email. For steps to set up TLS in Google Workspace, visit Require a secure connection for email.
- Keep spam rates reported in Postmaster Tools (opens in a new tab) below 0.10% and avoid ever reaching a spam rate of 0.30% or higher.
- Format messages according to the Internet Message Format standard (RFC 5322).
- Do not impersonate Gmail or Yahoo From: headers. Gmail and Yahoo will begin using a DMARC quarantine enforcement policy, and impersonating Gmail or Yahoo From: headers might impact your email delivery.
- If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email. ARC headers indicate the message was forwarded and identify you as the forwarder. Mailing list senders should also add a List-id: header, which specifies the mailing list, to outgoing messages.
If sending more than 5,000 messages per day
If you are sending more than 5,000 messages per day, in addition to the previous list, the following requirements apply:
- Set up DMARC email authentication for your sending domain. Your DMARC enforcement policy can be set to none.
- For direct mail, the domain in the sender's From: header must be aligned with either the SPF domain or the DKIM domain. This is required to pass DMARC alignment.
- Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body.
Docebo feedback and suggestions
Here follows a list of suggestions to help you make sure notifications and newsletters keep working seamlessly for all Gmail and Yahoo users:
Set up SPF or DKIM email authentication for your domain
Docebo already covers 100% of this requirement if SPF and DKIM are properly configured in the platform. Any email sent from an address whose domain does not have such configurations cannot be guaranteed.
Ensure that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records
Docebo already covers 100% of this requirement.
Use a TLS connection for transmitting email
Docebo mail server is configured to automatically rely on TLS for any email, if it is available. For both Gmail and Yahoo, this connection type is available and used.
Such availability is not limited to Gmail and Yahoo but covers the most popular domains, such as outlook.com or icloud.com.
Keep spam rates reported in Postmaster Tools below 0.10% and avoid ever reaching a spam rate of 0.30% or higher
Spam rates are calculated according to the number of emails identified as spam by the recipients and through Google Analytics. Here follow some guidelines to avoid being identified as spam:
- Review the templates used in notifications and newsletters to prevent as much as possible from being flagged as spam.
- Make sure that your email headers are correctly formatted.
- Avoid using spammy language or tactics in your emails, such as excessive use of capital letters, exclamation marks, and words commonly associated with scams or phishing attempts.
- Make sure that your email content is relevant and valuable to your recipients
Format messages according to the Internet Message Format standard (RFC 5322)
Docebo already covers 100% of this requirement.
Do not impersonate Gmail or Yahoo From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail or Yahoo From: headers might impact your email delivery
With the introduction of Domain management, Docebo has locked the use of senders that are not tied to a valid domain configuration. Given that the gmail.com domain is owned by Google and yahoo.com is owned by Yahoo, as of now it is not possible to use Gmail or Yahoo mail as a sender.
If you regularly forward email, including using mailing lists or inbound gateways, add ARC headers to outgoing email. ARC headers indicate the message was forwarded and identify you as the forwarder. Mailing list senders should also add a List-id: header, which specifies the mailing list, to outgoing messages.
Docebo does not forward emails. All notifications are generated directly and not forwarded, so this requirement does not apply.
Set up DMARC email authentication for your sending domain. Your DMARC enforcement policy can be set to none.
Docebo does not currently check the DMARC, however, since this check will be enforced by Google and Yahoo, Docebo cannot guarantee the delivery of emails without DMARC properly configured.
For direct mail, the domain in the sender's From: header must be aligned with either the SPF domain or the DKIM domain. This is required to pass DMARC alignment.
Same as the previous point. The DMARC would need to be configured to properly guarantee the delivery of email communications.
Marketing messages and subscribed messages must support one-click unsubscribe, and include a clearly visible unsubscribe link in the message body
Docebo notifications are not intended to be marketing emails. The notifications have the scope of internal operational warnings. Notifications are either tied to customer actions (purchase of a course, completion of a certification) or to system notifications (compliance reminder to complete a training, near expiration of a certification).